D7 Sms

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate D7 SMS integration, but it gives an agent broad authenticated power to send messages and change account data without explicit confirmation guardrails.

Install only if you trust Membrane and intend to let an agent operate your D7 SMS account. Require explicit confirmation before sending SMS, changing contacts or lists, managing numbers or media, or running any POST, PUT, PATCH, or DELETE proxy request; consider pinning or verifying the Membrane CLI instead of installing the moving @latest version.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly instructs the agent to proxy arbitrary requests to the D7 SMS API without corresponding guardrails around sensitive endpoints, destructive actions, or user confirmation. In an agent setting, this can enable unintended data access, message sending, list manipulation, or other side effects if a prompt causes the model to construct raw API calls beyond the safer pre-built actions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal